Pwoahhhh, its been a long 3 weeks..
Managed to root a total of 28 machines so far! Really proud of the work I’m putting in . It was definitely a mixture of Metasploit and manual methods.. I have been putting in some time going back to the ones that I have rooted in Metasploit and try to complete them the manual way.
In the next week, I’m going to try and knock off the remaining machines that I have pending in the LAB environment. Also, I have found a network-secret.key which unlocks a new Subnet called IT, which has a further 6 machines. I don’t think it can be directly rooted as well — meaning I need to pivot off another machine to directly access the ones in the IT subnet.
I’m planing out my days much better as well. Giving myself half the day to see if I can get an unprivileged shell/root, and the last half of the day to go over old machines and learn different techniques.
The remaining machines are proving to be difficult. Reason is because there are software that is blocking port scans — Cant be scanned directly! For this specific machine I would need to see which machine (that I’ve rooted) can communicate to this one then perform a scan instead.
There are also some client sided machines in which the machines do what normal users do in the workforce — like check emails every 5 minutes or refresh a web browser ever 1 minute. Its good as I can leverage this information to craft some sort of attack at certain time slots.
Overall, I’m learning so much. I still haven’t gone through the course material and the videos thoroughly yet, but will definitely do so in the next couple of weeks.
Until then, here’s a cute cat. I think he’s uploading a reverse shell!